Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The router must encrypt all methods of configured authentication.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000168-RTR-000077 | SRG-NET-000168-RTR-000077 | SRG-NET-000168-RTR-000077_rule | High |
| Description |
|---|
| Network elements not protected with strong passwords provide the opportunity for anyone to crack the password thus gaining access to the system and the network. All passwords must be kept and known only by the account user who created the password. Malicious users can gain knowledge of passwords during the authentication process by sniffing local traffic between the network element and the authentication server. It is imperative the authentication process implements cryptographic modules adhering to the higher standards approved by the federal government. |
| STIG | Date |
|---|---|
| Router Security Requirements Guide | 2013-07-30 |
Details
| Check Text ( C-SRG-NET-000168-RTR-000077_chk ) |
|---|
| Verify the router is configured to encrypt all methods of authentication. If the router is not configured to encrypt all methods of authentication, this is a finding. |
| Fix Text (F-SRG-NET-000168-RTR-000077_fix) |
|---|
| Configure all methods of authentication to be encrypted. |